package com.cskaoyan.config;

import com.cskaoyan.realm.AdminRealm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;


import java.util.LinkedHashMap;

/**
 * @author hanshuai
 * @version 1.0
 * @description @TODO
 * @date 2021/12/2 9:03
 */
@Configuration
public class ShiroConfig {
    @Bean
    public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
        shiroFilter.setSecurityManager(securityManager);
        //使用了哪一些filter、filter作用范围、filter的顺序是什么
        //map要有序：key是url，value是filter
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        //filter：anon匿名、authc认证、perms权限
        filterChainDefinitionMap.put("/admin/auth/login", "anon");
        filterChainDefinitionMap.put("/admin/**", "authc");
        shiroFilter.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return shiroFilter;
    }

    @Bean
    public DefaultWebSecurityManager securityManager(AdminRealm realm, MarketSessionManager sessionManager) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //securityManager.setAu
        //可以使用set方法设置认证器和授权器
        //也可以使用默认的认证器和授权器：ModularAuth

        //realm需要自己去提供
        // 如果没有自己提供使用的就是默认，这个默认的realm满足不了我们的需求
        //我们提供给SecurityManager，而SecurityManager提供给了默认的认证器和授权器
        securityManager.setRealm(realm);

        securityManager.setSessionManager(sessionManager);
        return securityManager;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor advisor(DefaultWebSecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }


}